.. java:import:: org.apache.shiro.subject Subject

.. java:import:: org.caosdb.server CaosDBServer

.. java:import:: org.caosdb.server ServerProperties

.. java:import:: org.eclipse.jetty.util.ajax JSON

SessionToken
============

.. java:package:: org.caosdb.server.accessControl
   :noindex:

.. java:type:: public class SessionToken extends SelfValidatingAuthenticationToken

   Session tokens are formatted as JSON arrays with the following elements:

   ..

   * Anything but "O" (upper-case "o"), preferred is "S".
   * Realm
   * name within the Realm
   * list of roles
   * list of permissions
   * time of token generation (long, ms since 1970)
   * validity duration (long, ms)
   * salt
   * checksum

Constructors
------------
SessionToken
^^^^^^^^^^^^

.. java:constructor:: public SessionToken(Principal principal, long date, long timeout, String salt, String checksum, String[] permissions, String[] roles)
   :outertype: SessionToken

SessionToken
^^^^^^^^^^^^

.. java:constructor:: public SessionToken(Principal principal, long timeout, String[] permissions, String[] roles)
   :outertype: SessionToken

Methods
-------
calcChecksum
^^^^^^^^^^^^

.. java:method:: @Override public String calcChecksum(String pepper)
   :outertype: SessionToken

generate
^^^^^^^^

.. java:method:: public static SessionToken generate(Subject subject)
   :outertype: SessionToken

parse
^^^^^

.. java:method:: public static SessionToken parse(Object[] array)
   :outertype: SessionToken

setFields
^^^^^^^^^

.. java:method:: @Override protected void setFields(Object[] fields)
   :outertype: SessionToken

   Nothing to set in this implemention.

toString
^^^^^^^^

.. java:method:: @Override public String toString()
   :outertype: SessionToken